Privacy Policy
Last Update: 01/06/2026
1. Data Controller
The Plannelink service is developed and managed by the Plannelink Technical Team (Independent Software Group), based in Italy.
Our "Privacy by Design" philosophy ensures that the Controller cannot technically access the decrypted data stored in the user's Vault.
Contact DPO: team@plannelink.com
Our "Privacy by Design" philosophy ensures that the Controller cannot technically access the decrypted data stored in the user's Vault.
Contact DPO: team@plannelink.com
2. Collected Data & Zero-Knowledge Architecture
We distinguish between two categories of data:
- Account Data (Visible): Email (required for login/notifications), Activity Timestamp, Security Logs (hashed IP) to prevent abuse.
- Vault Data (HIDDEN / Encrypted): All data entered into the dashboard (Asset List, Instructions, Credentials, Notes) is encrypted locally on your device (AES-256 Client-Side) before transmission. Plannelink only stores unintelligible strings. Your Master Password is never sent to or stored on our servers.
3. Purpose and Legal Basis
We process your data to:
- Provide the "Dead Man's Switch" service (Performance of Contract - Art. 6.1.b GDPR).
- Ensure security and prevent fraud (Legitimate Interest - Art. 6.1.f GDPR).
- Send critical service communications (e.g., heartbeat checks).
4. Data Retention
- Active Accounts: Data remains encrypted in our databases until a deletion request.
- Triggered Accounts (Post-Event): Upon protocol activation, decryptable data is sent exclusively to designated beneficiaries.
- Deletion: Upon account closure, the cryptographic key is immediately destroyed, making the data mathematically irretrievable.
5. Place of Processing & Third Parties
Plannelink servers are hosted within the European Union (EU Region), complying with GDPR standards.
We do not sell your data. We do not use invasive advertising trackers.
We do not sell your data. We do not use invasive advertising trackers.
6. User Rights
In compliance with EU Regulation 2016/679, you have the right to: access, rectify, export (Portability - JSON format), or request total deletion ("Right to Erasure"). You can exercise these rights directly via Settings or by contacting the Team.
7. Changes
We reserve the right to update this policy. Substantial changes will be notified via email.